To process risky application information, such as a suspected SMS phishing (Smishing) message, corresponding security software usually needs to be installed on a mobile phone of a user. The user can use the security software to upload all SMS messages in the mobile phone of the user to the cloud, and then the cloud can perform screening analysis on all the SMS messages one-by-one. During this process, both a volume of transmitted data and a volume of validation data are relatively large, a risk of leakage of private user information is relatively high, and a user's participation level in user privacy information management is low. Consequently, the user experience is poor.